def53e3205
If next_timeout() returns INT_MAX and pass it to
z_clock_set_timeout(), and machine goes to freeze or slow down.
Bad scenario as follows:
- If an argument int32_t ticks is set large value 0xffffffff,
ticks = MAX(MIN(ticks - 1, (int32_t)MAX_TICKS), 0);
replaces it into MAX_TICKS.
- uint32_t cyc will be set near by 0xffffffff
(this is 0xfffd7280 in 100 ticks per second).
- Add adjustment to cyc, adjustment max value is MAX_CYC.
(cyc = 0xffff14fd)
- Over 0x80000000 value of uint32_t is considered as negative
value of int32_t.
if ((int32_t)(cyc + last_count - now) < MIN_DELAY)
This condition is always true.
- Because cyc += CYC_PER_TICK will get overflow, driver sets mtimecmp
near value of current mtime.
(cyc = 0x00007fc0)
- Next timer interrupt will happen soon after return from interrupt
handler.
- By repeating these events, machine cannot go to next instruction,
and it's going to freeze or slow down.
Signed-off-by: Katsuhiro Suzuki <katsuhiro@katsuster.net>
150 lines
3.4 KiB
C
150 lines
3.4 KiB
C
/*
|
|
* Copyright (c) 2018 Intel Corporation
|
|
*
|
|
* SPDX-License-Identifier: Apache-2.0
|
|
*/
|
|
#include <drivers/timer/system_timer.h>
|
|
#include <sys_clock.h>
|
|
#include <spinlock.h>
|
|
#include <soc.h>
|
|
|
|
#define CYC_PER_TICK ((uint32_t)((uint64_t)sys_clock_hw_cycles_per_sec() \
|
|
/ (uint64_t)CONFIG_SYS_CLOCK_TICKS_PER_SEC))
|
|
#define MAX_CYC INT_MAX
|
|
#define MAX_TICKS ((MAX_CYC - CYC_PER_TICK) / CYC_PER_TICK)
|
|
#define MIN_DELAY 1000
|
|
|
|
#define TICKLESS IS_ENABLED(CONFIG_TICKLESS_KERNEL)
|
|
|
|
static struct k_spinlock lock;
|
|
static uint64_t last_count;
|
|
|
|
static void set_mtimecmp(uint64_t time)
|
|
{
|
|
#ifdef CONFIG_64BIT
|
|
*(volatile uint64_t *)RISCV_MTIMECMP_BASE = time;
|
|
#else
|
|
volatile uint32_t *r = (uint32_t *)RISCV_MTIMECMP_BASE;
|
|
|
|
/* Per spec, the RISC-V MTIME/MTIMECMP registers are 64 bit,
|
|
* but are NOT internally latched for multiword transfers. So
|
|
* we have to be careful about sequencing to avoid triggering
|
|
* spurious interrupts: always set the high word to a max
|
|
* value first.
|
|
*/
|
|
r[1] = 0xffffffff;
|
|
r[0] = (uint32_t)time;
|
|
r[1] = (uint32_t)(time >> 32);
|
|
#endif
|
|
}
|
|
|
|
static uint64_t mtime(void)
|
|
{
|
|
#ifdef CONFIG_64BIT
|
|
return *(volatile uint64_t *)RISCV_MTIME_BASE;
|
|
#else
|
|
volatile uint32_t *r = (uint32_t *)RISCV_MTIME_BASE;
|
|
uint32_t lo, hi;
|
|
|
|
/* Likewise, must guard against rollover when reading */
|
|
do {
|
|
hi = r[1];
|
|
lo = r[0];
|
|
} while (r[1] != hi);
|
|
|
|
return (((uint64_t)hi) << 32) | lo;
|
|
#endif
|
|
}
|
|
|
|
static void timer_isr(const void *arg)
|
|
{
|
|
ARG_UNUSED(arg);
|
|
|
|
k_spinlock_key_t key = k_spin_lock(&lock);
|
|
uint64_t now = mtime();
|
|
uint32_t dticks = (uint32_t)((now - last_count) / CYC_PER_TICK);
|
|
|
|
last_count += dticks * CYC_PER_TICK;
|
|
|
|
if (!TICKLESS) {
|
|
uint64_t next = last_count + CYC_PER_TICK;
|
|
|
|
if ((int64_t)(next - now) < MIN_DELAY) {
|
|
next += CYC_PER_TICK;
|
|
}
|
|
set_mtimecmp(next);
|
|
}
|
|
|
|
k_spin_unlock(&lock, key);
|
|
z_clock_announce(IS_ENABLED(CONFIG_TICKLESS_KERNEL) ? dticks : 1);
|
|
}
|
|
|
|
int z_clock_driver_init(const struct device *device)
|
|
{
|
|
ARG_UNUSED(device);
|
|
|
|
IRQ_CONNECT(RISCV_MACHINE_TIMER_IRQ, 0, timer_isr, NULL, 0);
|
|
last_count = mtime();
|
|
set_mtimecmp(last_count + CYC_PER_TICK);
|
|
irq_enable(RISCV_MACHINE_TIMER_IRQ);
|
|
return 0;
|
|
}
|
|
|
|
void z_clock_set_timeout(int32_t ticks, bool idle)
|
|
{
|
|
ARG_UNUSED(idle);
|
|
|
|
#if defined(CONFIG_TICKLESS_KERNEL)
|
|
/* RISCV has no idle handler yet, so if we try to spin on the
|
|
* logic below to reset the comparator, we'll always bump it
|
|
* forward to the "next tick" due to MIN_DELAY handling and
|
|
* the interrupt will never fire! Just rely on the fact that
|
|
* the OS gave us the proper timeout already.
|
|
*/
|
|
if (idle) {
|
|
return;
|
|
}
|
|
|
|
ticks = ticks == K_TICKS_FOREVER ? MAX_TICKS : ticks;
|
|
ticks = CLAMP(ticks - 1, 0, (int32_t)MAX_TICKS);
|
|
|
|
k_spinlock_key_t key = k_spin_lock(&lock);
|
|
uint64_t now = mtime();
|
|
uint32_t adj, cyc = ticks * CYC_PER_TICK;
|
|
|
|
/* Round up to next tick boundary. */
|
|
adj = (uint32_t)(now - last_count) + (CYC_PER_TICK - 1);
|
|
if (cyc <= MAX_CYC - adj) {
|
|
cyc += adj;
|
|
} else {
|
|
cyc = MAX_CYC;
|
|
}
|
|
cyc = (cyc / CYC_PER_TICK) * CYC_PER_TICK;
|
|
|
|
if ((int32_t)(cyc + last_count - now) < MIN_DELAY) {
|
|
cyc += CYC_PER_TICK;
|
|
}
|
|
|
|
set_mtimecmp(cyc + last_count);
|
|
k_spin_unlock(&lock, key);
|
|
#endif
|
|
}
|
|
|
|
uint32_t z_clock_elapsed(void)
|
|
{
|
|
if (!IS_ENABLED(CONFIG_TICKLESS_KERNEL)) {
|
|
return 0;
|
|
}
|
|
|
|
k_spinlock_key_t key = k_spin_lock(&lock);
|
|
uint32_t ret = ((uint32_t)mtime() - (uint32_t)last_count) / CYC_PER_TICK;
|
|
|
|
k_spin_unlock(&lock, key);
|
|
return ret;
|
|
}
|
|
|
|
uint32_t z_timer_cycle_get_32(void)
|
|
{
|
|
return (uint32_t)mtime();
|
|
}
|